Vulnerability Details CVE-2011-4066
SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.exploit-db.com/exploits/17992
- http://www.securityfocus.com/bid/50173
- http://www.securitytracker.com/id?1026197
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70686
- http://www.exploit-db.com/exploits/17992
- http://www.securityfocus.com/bid/50173
- http://www.securitytracker.com/id?1026197
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70686
Products affected by CVE-2011-4066
-
cpe:2.3:a:sir:gnuboard:-
-
cpe:2.3:a:sir:gnuboard:3.30
-
cpe:2.3:a:sir:gnuboard:3.31
-
cpe:2.3:a:sir:gnuboard:3.32
-
cpe:2.3:a:sir:gnuboard:3.33
-
cpe:2.3:a:sir:gnuboard:3.34
-
cpe:2.3:a:sir:gnuboard:3.35
-
cpe:2.3:a:sir:gnuboard:3.36
-
cpe:2.3:a:sir:gnuboard:3.37
-
cpe:2.3:a:sir:gnuboard:3.38
-
cpe:2.3:a:sir:gnuboard:3.39
-
cpe:2.3:a:sir:gnuboard:3.40
-
cpe:2.3:a:sir:gnuboard:4.31.03
-
cpe:2.3:a:sir:gnuboard:4.31.3
-
cpe:2.3:a:sir:gnuboard:4.31.4
-
cpe:2.3:a:sir:gnuboard:4.33.2